From 4d2bfbf667a4108484448f43254e6b51575f73db Mon Sep 17 00:00:00 2001 From: opa334 Date: Tue, 6 Sep 2022 01:04:10 +0200 Subject: [PATCH] 1.0.7 --- Helper/main.m | 47 +++++++++++++------------- PersistenceHelper/Resources/Info.plist | 2 +- PersistenceHelper/control | 2 +- Store/Resources/Info.plist | 2 +- Store/TSApplicationsManager.m | 3 ++ Store/TSSettingsListController.m | 2 +- Store/control | 2 +- 7 files changed, 32 insertions(+), 28 deletions(-) diff --git a/Helper/main.m b/Helper/main.m index 481ad4f..f9c9d8e 100644 --- a/Helper/main.m +++ b/Helper/main.m @@ -202,7 +202,6 @@ int runLdid(NSArray* args, NSString** output, NSString** errorOutput) SecStaticCodeRef getStaticCodeRef(NSString *binaryPath) { - if(binaryPath == nil) { return NULL; @@ -233,7 +232,6 @@ SecStaticCodeRef getStaticCodeRef(NSString *binaryPath) NSDictionary* dumpEntitlements(SecStaticCodeRef codeRef) { - if(codeRef == NULL) { NSLog(@"[dumpEntitlements] attempting to dump entitlements without a StaticCodeRef"); @@ -295,7 +293,6 @@ NSDictionary* dumpEntitlementsFromBinaryAtPath(NSString *binaryPath) BOOL certificateHasDataForExtensionOID(SecCertificateRef certificate, CFStringRef oidString) { - if(certificate == NULL || oidString == NULL) { NSLog(@"[certificateHasDataForExtensionOID] attempted to check null certificate or OID"); @@ -314,7 +311,6 @@ BOOL certificateHasDataForExtensionOID(SecCertificateRef certificate, CFStringRe BOOL codeCertChainContainsFakeAppStoreExtensions(SecStaticCodeRef codeRef) { - if(codeRef == NULL) { NSLog(@"[codeCertChainContainsFakeAppStoreExtensions] attempted to check cert chain of null static code object"); @@ -325,7 +321,7 @@ BOOL codeCertChainContainsFakeAppStoreExtensions(SecStaticCodeRef codeRef) OSStatus result; result = SecCodeCopySigningInformation(codeRef, kSecCSSigningInformation, &signingInfo); - + if(result != errSecSuccess) { NSLog(@"[codeCertChainContainsFakeAppStoreExtensions] failed to copy signing info from static code"); @@ -333,14 +329,18 @@ BOOL codeCertChainContainsFakeAppStoreExtensions(SecStaticCodeRef codeRef) } CFArrayRef certificates = CFDictionaryGetValue(signingInfo, kSecCodeInfoCertificates); + if(certificates == NULL || CFArrayGetCount(certificates) == 0) + { + return NO; + } // If we match the standard Apple policy, we are signed properly, but we haven't been deliberately signed with a custom root SecPolicyRef appleAppStorePolicy = SecPolicyCreateWithProperties(kSecPolicyAppleiPhoneApplicationSigning, NULL); - + SecTrustRef trust = NULL; SecTrustCreateWithCertificates(certificates, appleAppStorePolicy, &trust); - + if(SecTrustEvaluateWithError(trust, nil)) { CFRelease(trust); @@ -350,7 +350,7 @@ BOOL codeCertChainContainsFakeAppStoreExtensions(SecStaticCodeRef codeRef) NSLog(@"[codeCertChainContainsFakeAppStoreExtensions] found certificate extension, but was issued by Apple (App Store)"); return NO; } - + // We haven't matched Apple, so keep going. Is the app profile signed? CFRelease(appleAppStorePolicy); @@ -397,7 +397,7 @@ BOOL codeCertChainContainsFakeAppStoreExtensions(SecStaticCodeRef codeRef) CFRelease(signingInfo); return NO; } - + // Need to add our certificate chain to the anchor as it is expected to be a self-signed root SecTrustSetAnchorCertificates(trust, certificates); @@ -413,8 +413,6 @@ BOOL codeCertChainContainsFakeAppStoreExtensions(SecStaticCodeRef codeRef) BOOL signApp(NSString* appPath, NSError** error) { - if(!isLdidInstalled()) return NO; - NSDictionary* appInfoDict = [NSDictionary dictionaryWithContentsOfFile:[appPath stringByAppendingPathComponent:@"Info.plist"]]; if(!appInfoDict) return NO; @@ -437,18 +435,21 @@ BOOL signApp(NSString* appPath, NSError** error) } SecStaticCodeRef codeRef = getStaticCodeRef(executablePath); - if(codeRef == NULL) + if(codeRef != NULL) { - NSLog(@"[signApp] failed to get static code, can't derive entitlements from %@", executablePath); - return NO; - } - - if(codeCertChainContainsFakeAppStoreExtensions(codeRef)) - { - NSLog(@"[signApp] taking fast path for app signed using a custom root certificate (%@)", executablePath); - CFRelease(codeRef); - return YES; + if(codeCertChainContainsFakeAppStoreExtensions(codeRef)) + { + NSLog(@"[signApp] taking fast path for app signed using a custom root certificate (%@)", executablePath); + CFRelease(codeRef); + return YES; + } } + else + { + NSLog(@"[signApp] failed to get static code, can't derive entitlements from %@, continuing anways...", executablePath); + } + + if(!isLdidInstalled()) return NO; NSString* certPath = [trollStoreAppPath() stringByAppendingPathComponent:@"cert.p12"]; NSString* certArg = [@"-K" stringByAppendingPathComponent:certPath]; @@ -499,6 +500,7 @@ void applyPatchesToInfoDictionary(NSString* appPath) // 170: failed to create container for app bundle // 171: a non trollstore app with the same identifier is already installled // 172: no info.plist found in app +// 173: app is not signed and cannot be signed because ldid not installed or didn't work int installApp(NSString* appPath, BOOL sign, BOOL force, NSError** error) { NSLog(@"[installApp force = %d]", force); @@ -510,8 +512,7 @@ int installApp(NSString* appPath, BOOL sign, BOOL force, NSError** error) if(sign) { - // if it fails to sign, we don't care - signApp(appPath, error); + if(!signApp(appPath, error)) return 173; } BOOL existed; diff --git a/PersistenceHelper/Resources/Info.plist b/PersistenceHelper/Resources/Info.plist index 4953dbf..15e42bc 100644 --- a/PersistenceHelper/Resources/Info.plist +++ b/PersistenceHelper/Resources/Info.plist @@ -52,7 +52,7 @@ iPhoneOS CFBundleVersion - 1.0.6 + 1.0.7 LSRequiresIPhoneOS UIDeviceFamily diff --git a/PersistenceHelper/control b/PersistenceHelper/control index f7a86f8..eb49441 100644 --- a/PersistenceHelper/control +++ b/PersistenceHelper/control @@ -1,6 +1,6 @@ Package: com.opa334.trollstorehelper Name: TrollStore Helper -Version: 1.0.6 +Version: 1.0.7 Architecture: iphoneos-arm Description: Helper app to install and manage TrollStore! Maintainer: opa334 diff --git a/Store/Resources/Info.plist b/Store/Resources/Info.plist index da5e09f..4ad618f 100644 --- a/Store/Resources/Info.plist +++ b/Store/Resources/Info.plist @@ -50,7 +50,7 @@ iPhoneOS CFBundleVersion - 1.0.6 + 1.0.7 LSRequiresIPhoneOS UIDeviceFamily diff --git a/Store/TSApplicationsManager.m b/Store/TSApplicationsManager.m index 57294c2..328c7f9 100644 --- a/Store/TSApplicationsManager.m +++ b/Store/TSApplicationsManager.m @@ -72,6 +72,9 @@ case 172: errorDescription = @"The app does not seem to contain an Info.plist"; break; + case 173: + errorDescription = @"The app is not signed with a fake CoreTrust certificate and ldid does not seem to be installed. Make sure ldid is installed in the settings tab and try again."; + break; } NSError* error = [NSError errorWithDomain:TrollStoreErrorDomain code:code userInfo:@{NSLocalizedDescriptionKey : errorDescription}]; diff --git a/Store/TSSettingsListController.m b/Store/TSSettingsListController.m index 99a3d83..2885116 100644 --- a/Store/TSSettingsListController.m +++ b/Store/TSSettingsListController.m @@ -192,7 +192,7 @@ } PSSpecifier* otherGroupSpecifier = [PSSpecifier emptyGroupSpecifier]; - [otherGroupSpecifier setProperty:[NSString stringWithFormat:@"TrollStore %@\n\n© 2022 Lars Fröder (opa334)\n\nCredits:\n@LinusHenze: CoreTrust bug\n@zhuowei: CoreTrust bug writeup and cert\n@ProcursusTeam: uicache and ldid build\n@cstar_ow: uicache\n@saurik: ldid", getTrollStoreVersion()] forKey:@"footerText"]; + [otherGroupSpecifier setProperty:[NSString stringWithFormat:@"TrollStore %@\n\n© 2022 Lars Fröder (opa334)\n\nCredits:\n@LinusHenze: CoreTrust bug\n@zhuowei: CoreTrust bug writeup and cert\n@lunotech11: Some contributions\n@ProcursusTeam: uicache and ldid build\n@cstar_ow: uicache\n@saurik: ldid", getTrollStoreVersion()] forKey:@"footerText"]; [_specifiers addObject:otherGroupSpecifier]; // Uninstall TrollStore diff --git a/Store/control b/Store/control index 6b0fccc..c215f6c 100644 --- a/Store/control +++ b/Store/control @@ -1,6 +1,6 @@ Package: com.opa334.trollstore Name: TrollStore -Version: 1.0.6 +Version: 1.0.7 Architecture: iphoneos-arm Description: An awesome application! Maintainer: opa334